Re: [OT] Breaking WPA2 by forcing nonce reuse
On Mon, 16 Oct 2017 21:27:30 +0530
"email@example.com" <firstname.lastname@example.org> wrote:
> On 16/10/2017 21:12, Curt wrote:
> > https://www.krackattacks.com/
> > Our attack is especially catastrophic against version 2.4 and above of
> > wpa_supplicant, a Wi-Fi client commonly used on Linux. Here, the client will
> > install an all-zero encryption key instead of reinstalling the real key.
> > Uh-oh.
> It was addressed in Debian by DSA-3999-1 I think, but will probably
> linger for a long time on routers, phones, appliances and IoT all over
> the world. After Bluetooth a few weeks ago, now wpa2 wifi, most of the
> wireless consumer electronic have it's base covered and ripe for cracking...
It's crucial to understand that there's a huge difference in severity
between BlueBorne and KRACK: the former "allows attackers to take
control of devices", and "does not require the targeted device to be
paired to the attacker’s device, or even to be set on discoverable
mode" (!) [https://www.armis.com/blueborne/], whereas the latter
'simply' breaks WPA2, and can't really hurt you insofar as you're using
secure higher level protocols (ssh, SSL/TLS, HTTPS).
I don't mean to say that KRACK isn't nevertheless a huge problem,
but it doesn't seem to be nearly as serious as BlueBorne, and it isn't
going to be catastrophic to anyone not treating WiFi as a really secure
protocol. E.g., on my home network, I do use WPA, but I still require
SSH and so on for internal communication between my local hosts.
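The reply above argues that a broken link-layer key (KRACK's forced nonce reuse, or wpa_supplicant's all-zero key) is not catastrophic as long as the traffic inside is protected by its own secure protocol. The following Python is an added illustration, not code from the thread, the KRACK paper or wpa_supplicant: it models a counter-mode keystream with an HMAC-SHA256 stand-in (real CCMP uses AES-CTR, but the reuse property is identical), shows what a passive observer learns when two frames share key and nonce, what an all-zero key means, and why an independently keyed higher layer (standing in for SSH or TLS) still leaves the observer with nothing usable. All keys, nonces and frame contents are constructed for the example.

```python
import hashlib
import hmac


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    assert len(a) == len(b), "inputs must have equal length"
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed stand-in for a counter-mode keystream.

    WPA2 CCMP uses AES in CTR mode keyed by the pairwise key with the packet
    number as nonce; HMAC-SHA256 over (nonce || counter) is used here only to
    keep the example free of third-party dependencies. The security property
    being demonstrated is the same: a (key, nonce) pair must never be reused.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream encryption: ciphertext = plaintext XOR keystream.
    Because XOR is its own inverse, the same call also decrypts."""
    return xor_bytes(data, keystream(key, nonce, len(data)))


def nonce_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What a passive observer learns from two frames that share key and
    nonce: c1 XOR c2 == p1 XOR p2. The key cancels out entirely."""
    return xor_bytes(c1, c2)


def recover_with_known_plaintext(c1: bytes, c2: bytes, p1: bytes) -> bytes:
    """If one frame's content is known (a predictable protocol header, say),
    the leak from nonce reuse yields the other frame's content directly.
    This is the risk the DSA fix for wpa_supplicant closes."""
    return xor_bytes(nonce_reuse_leak(c1, c2), p1)


def demo() -> dict:
    """Run the three scenarios and return the observer's view of each."""
    link_key = b"\x11" * 16              # constructed WPA2 pairwise key
    nonce = b"\x00" * 7 + b"\x01"        # constructed reused packet number
    p1 = b"GET /index.html HTTP/1.1"    # constructed frame, assumed known
    p2 = b"GET /secret.txt HTTP/1.1"    # constructed frame, assumed secret

    # Scenario 1: nonce reuse at the link layer, plaintext HTTP inside.
    c1 = encrypt(link_key, nonce, p1)
    c2 = encrypt(link_key, nonce, p2)
    leaked_http = recover_with_known_plaintext(c1, c2, p1)

    # Scenario 2: all-zero key installed by the client; the observer needs
    # no second frame at all, the "secret" key is public knowledge.
    zero_key = b"\x00" * 16
    c_zero = encrypt(zero_key, nonce, p2)
    read_with_zero_key = encrypt(zero_key, nonce, c_zero)

    # Scenario 3: same link-layer failure, but the payload is already
    # encrypted by a higher layer with an independent key (SSH/TLS stand-in).
    app_key = b"\x22" * 16               # constructed application-layer key
    inner = encrypt(app_key, b"app-nonce-00001", p2)
    c_inner = encrypt(link_key, nonce, inner)
    leaked_inner = recover_with_known_plaintext(c1, c_inner, p1)

    return {
        "leaked_http": leaked_http,              # == p2: full compromise
        "read_with_zero_key": read_with_zero_key,  # == p2: trivially readable
        "leaked_inner": leaked_inner,            # == inner ciphertext, not p2
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

In scenario 3 the observer recovers only the application-layer ciphertext, which without `app_key` is indistinguishable from noise; that is exactly the distinction the reply draws between WPA2 as transport and SSH or TLS as the actual security boundary.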